Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Angry American
July 13, 2005, 4:18 am
rate this thread
solution to keep users within a home directory. I have read about the Chroot
plugin for SSH, but for the life of me I cannot figure out how to run and
install the dang thing.
Is there an alternative to this? Using some sort of file permisions or a
utility? Any help would be appreciated.
Re: OpenSSH CHROOT newbie
Ahh. I used to host the OpenSSH patches for this, but I changed workplace.
There are now patches at sourceforge.net: basically, you set up user
accounts with homedirs of "/home/username/./", and OpenSSH will try to
chroot all operations into wherever the "/./" is in the user's home
directory path. You then need to install a chroot cage in the "/./"
directory: This includes key components such as ./etc/passwd, ./etc/group,
and possibly ./etc/shadow and ./etc/gshadow depending on your setups, SSH
components, and the libraries to run the SSH binaries.
This is quite a lot of work: in general, I've suggested to people that they
instead install Apache with WebDAV over HTTPS to provide drag&drop, secure,
chrooted, remote file access for remote clients. You don't get the ability
to create symlinks or hard links in the user's directory, but you do get
easy read-only access for a separate account.
No problem, it's a common question.
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum